The 2019 Verizon Data Breach Investigations Report has been released. It gives a detailed summary of data breaches that public and private entities reported all over the world.
The report gives detailed insights into the strategies and techniques employed in cyberattacks and into the present threat landscape. It included data from 2,013 reported data breaches and 41,686 security incidents from 86 countries, and was collated using information from 73 sources.
The report shows a number of data breach and cyberattack developments. Some of its significant findings are listed below:
- Social engineering attacks target C-Suite executives 12 times more than other employees
- There were more data breaches related to cyber-espionage in 2018 (25% of breaches) than in 2017 (13% of breaches)
- Nation-state attacks increased from 2017 (12% of attacks) to 2018 (23% of attacks)
- Financially motivated breaches dropped from 76% to 71%
- 78% of cyber-espionage incidents and 32% of breaches involved phishing
- 90% of malware attacks occur via email
- 60% of web application attacks involved cloud-based email servers
- The majority of email threats and BEC attacks resulted in data breaches simply because multi-factor authentication was not implemented
- Hacking was involved in 52% of cyberattacks
- 34% of attacks were due to insiders
- 43% of cyberattacks targeted small businesses
- Ransomware was the second biggest malware threat and was responsible for 24% of malware-associated breaches
- Attacks on HR personnel decreased six-fold
- Misconfigured cloud platforms were the reason for 21% of breaches due to errors
Cyberattacks on the Healthcare Industry
Included in the 2019 DBIR were 466 healthcare cybersecurity incidents. 304 of the incidents involved data disclosures.
Among the industry sectors examined, the healthcare industry had more incidents due to insiders than incidents due to external threat actors. The report attributed 59% of incidents to insiders and 42% to external threat actors. Doctors and nurses were responsible for 14 times more breaches of healthcare data.
The reasons for cyberattacks on the healthcare industry are as follows: financial gain (83%), fun (6%), convenience (3%), grudge (3%), and espionage (2%). 72% of breaches involved medical data, 34% involved personal data, and 25% involved theft of credentials.
81% of all reported healthcare cybersecurity incidents were due to miscellaneous errors, for example wrong configuration of software, misuse of privilege, and web applications.
In all industries, 24% of malware attacks involved ransomware, but 70% of the reported attacks were from the healthcare industry. Under HIPAA, ransomware attacks are generally reportable breaches. The total number of attacks in all other industries is probably a lot higher, considering that many attacked companies do not report the incidents and quietly pay the ransom.